RPM Package Manager, CVS Repository
http://rpm5.org/cvs/
____________________________________________________________________________
Server: rpm5.org Name: Jeff Johnson
Root: /v/rpm/cvs Email: jbj@rpm5.org
Module: rpm Date: 12-Jul-2007 12:54:54
Branch: rpm-4_5 Handle: 2007071211545301
Modified files: (Branch: rpm-4_5)
rpm CHANGES system.h
rpm/build files.c
rpm/lib fsm.c rpmfi.c rpminstall.c
rpm/python rpmts-py.c
Log:
- selinux: use matchpthcon() instead or rpmsx.
Summary:
Revision Changes Path
1.1360.2.26 +1 -0 rpm/CHANGES
1.243.2.2 +10 -14 rpm/build/files.c
2.113.2.2 +4 -6 rpm/lib/fsm.c
2.63.2.3 +9 -8 rpm/lib/rpmfi.c
1.146.2.3 +4 -10 rpm/lib/rpminstall.c
1.65.2.2 +4 -10 rpm/python/rpmts-py.c
2.63.2.4 +3 -0 rpm/system.h
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: rpm/CHANGES
============================================================================
$ cvs diff -u -r1.1360.2.25 -r1.1360.2.26 CHANGES
--- rpm/CHANGES 12 Jul 2007 10:01:21 -0000 1.1360.2.25
+++ rpm/CHANGES 12 Jul 2007 10:54:53 -0000 1.1360.2.26
@@ -1,4 +1,5 @@
4.4.9 -> 4.5:
+ - jbj: selinux: use matchpthcon() instead or rpmsx.
- jbj: insure that RPMFILE_EXISTS is set for %config files.
- jbj: fix ptr alignment problem seen on pld/sparc64.
- jbj: re-add /usr/bin/rpmbuild for now, poptBT option wiring needs fixing.
@@ .
patch -p0 <<'@@ .'
Index: rpm/build/files.c
============================================================================
$ cvs diff -u -r1.243.2.1 -r1.243.2.2 files.c
--- rpm/build/files.c 9 Jun 2007 19:08:49 -0000 1.243.2.1
+++ rpm/build/files.c 12 Jul 2007 10:54:53 -0000 1.243.2.2
@@ -23,9 +23,6 @@
#define _RPMFI_INTERNAL
#include "rpmfi.h"
-#include "rpmsx.h"
-
-
#define _RPMTE_INTERNAL
#include "rpmte.h"
@@ -1268,12 +1265,12 @@
int apathlen = 0;
int dpathlen = 0;
int skipLen = 0;
- rpmsx sx = NULL;
+ security_context_t scon = NULL;
const char * sxfn;
size_t fnlen;
FileListRec flp;
char buf[BUFSIZ];
- int i;
+ int i, xx;
/* Sort the big list */
qsort(fl->fileList, fl->fileListRecsUsed,
@@ -1288,7 +1285,7 @@
sxfn = rpmGetPath("%{?_build_file_context_path}", NULL);
if (sxfn != NULL && *sxfn != '\0')
- sx = rpmsxNew(sxfn);
+ xx = matchpathcon_init(sxfn);
for (i = 0, flp = fl->fileList; i < fl->fileListRecsUsed; i++, flp++) {
const char *s;
@@ -1505,18 +1502,17 @@
&(flp->flags), 1);
/* Add file security context to package. */
-/*@-branchstate@*/
- if (sx != NULL) {
+ {
mode_t fmode = (uint_16)flp->fl_mode;
- s = rpmsxFContext(sx, flp->fileURL, fmode);
- if (s == NULL) s = "";
+ static const char *nocon = "";
+ if (matchpathcon(flp->fileURL, fmode, &scon) || scon == NULL)
+ scon = nocon;
(void) headerAddOrAppendEntry(h, RPMTAG_FILECONTEXTS, RPM_STRING_ARRAY_TYPE,
- &s, 1);
+ &scon, 1);
+ if (scon != nocon)
+ freecon(scon);
}
-/*@=branchstate@*/
-
}
- sx = rpmsxFree(sx);
sxfn = _free(sxfn);
(void) headerAddEntry(h, RPMTAG_SIZE, RPM_INT32_TYPE,
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/fsm.c
============================================================================
$ cvs diff -u -r2.113.2.1 -r2.113.2.2 fsm.c
--- rpm/lib/fsm.c 9 Jun 2007 15:47:48 -0000 2.113.2.1
+++ rpm/lib/fsm.c 12 Jul 2007 10:54:54 -0000 2.113.2.2
@@ -666,13 +666,11 @@
if (ts != NULL && rpmtsSELinuxEnabled(ts) == 1 &&
!(rpmtsFlags(ts) & RPMTRANS_FLAG_NOCONTEXTS))
{
- rpmsx sx = rpmtsREContext(ts);
+ security_context_t scon = NULL;
- if (sx != NULL) {
- /* Get file security context from patterns. */
- fsm->fcontext = rpmsxFContext(sx, fsm->path, st->st_mode);
- sx = rpmsxFree(sx);
- } else {
+ if (matchpathcon(fsm->path, st->st_mode, &scon) == 0 && scon != NULL)
+ fsm->fcontext = scon;
+ else {
int i = fsm->ix;
/* Get file security context from package. */
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/rpmfi.c
============================================================================
$ cvs diff -u -r2.63.2.2 -r2.63.2.3 rpmfi.c
--- rpm/lib/rpmfi.c 9 Jun 2007 19:08:50 -0000 2.63.2.2
+++ rpm/lib/rpmfi.c 12 Jul 2007 10:54:54 -0000 2.63.2.3
@@ -16,8 +16,6 @@
#define _RPMFI_INTERNAL
#include "rpmfi.h"
-#include "rpmsx.h"
-
#define _RPMTE_INTERNAL /* relocations */
#include "rpmte.h"
#include "rpmts.h"
@@ -1749,7 +1747,6 @@
{
int scareMem = 0;
rpmfi fi = rpmfiNew(NULL, h, RPMTAG_BASENAMES, scareMem);
- rpmsx sx = NULL;
const char ** av = NULL;
int ac;
size_t nb;
@@ -1764,7 +1761,11 @@
}
/* Read security context patterns. */
- sx = rpmsxNew(NULL);
+ { const char *fn = rpmGetPath("%{?__file_context_path}", NULL);
+ if (fn != NULL && *fn != '\0')
+ matchpathcon_init(fn);
+ fn = _free(fn);
+ }
/* Compute size of argv array blob, concatenating file contexts. */
nb = ac * sizeof(*fcnb);
@@ -1775,10 +1776,10 @@
while (rpmfiNext(fi) >= 0) {
const char * fn = rpmfiFN(fi);
mode_t fmode = rpmfiFMode(fi);
- const char * scon;
+ security_context_t scon;
- scon = rpmsxFContext(sx, fn, fmode);
- if (scon != NULL) {
+ scon = NULL;
+ if (matchpathcon(fn, fmode, &scon) == 0 && scon != NULL) {
fcnb[ac] = strlen(scon) + 1;
/*@-branchstate@*/
if (fcnb[ac] > 0) {
@@ -1787,6 +1788,7 @@
fctxtlen += fcnb[ac];
}
/*@=branchstate@*/
+ freecon(scon);
}
ac++;
}
@@ -1811,7 +1813,6 @@
exit:
fi = rpmfiFree(fi);
- sx = rpmsxFree(sx);
/*@-branchstate@*/
if (fcontextp)
*fcontextp = av;
@@ .
patch -p0 <<'@@ .'
Index: rpm/lib/rpminstall.c
============================================================================
$ cvs diff -u -r1.146.2.2 -r1.146.2.3 rpminstall.c
--- rpm/lib/rpminstall.c 9 Jun 2007 19:08:50 -0000 1.146.2.2
+++ rpm/lib/rpminstall.c 12 Jul 2007 10:54:54 -0000 1.146.2.3
@@ -310,16 +310,10 @@
/* Initialize security context patterns (if not already done). */
if (!(ia->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
- rpmsx sx = rpmtsREContext(ts);
- if (sx == NULL) {
- fn = rpmGetPath("%{?_install_file_context_path}", NULL);
- if (fn != NULL && *fn != '\0') {
- sx = rpmsxNew(fn);
- (void) rpmtsSetREContext(ts, sx);
- }
- fn = _free(fn);
- }
- sx = rpmsxFree(sx);
+ const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
+ if (fn != NULL && *fn != '\0')
+ xx = matchpathcon_init(fn);
+ fn = _free(fn);
}
(void) rpmtsSetFlags(ts, ia->transFlags);
(void) rpmtsSetDFlags(ts, ia->depFlags);
@@ .
patch -p0 <<'@@ .'
Index: rpm/python/rpmts-py.c
============================================================================
$ cvs diff -u -r1.65.2.1 -r1.65.2.2 rpmts-py.c
--- rpm/python/rpmts-py.c 6 Jun 2007 05:33:13 -0000 1.65.2.1
+++ rpm/python/rpmts-py.c 12 Jul 2007 10:54:54 -0000 1.65.2.2
@@ -1254,16 +1254,10 @@
/* Initialize security context patterns (if not already done). */
if (!(s->ts->transFlags & RPMTRANS_FLAG_NOCONTEXTS)) {
- rpmsx sx = rpmtsREContext(s->ts);
- if (sx == NULL) {
- const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
- if (fn != NULL && *fn != '\0') {
- sx = rpmsxNew(fn);
- (void) rpmtsSetREContext(s->ts, sx);
- }
- fn = _free(fn);
- }
- sx = rpmsxFree(sx);
+ const char *fn = rpmGetPath("%{?_install_file_context_path}", NULL);
+ if (fn != NULL && *fn != '\0')
+ rc = matchpathcon_init(fn);
+ fn = _free(fn);
}
if (_rpmts_debug)
@@ .
patch -p0 <<'@@ .'
Index: rpm/system.h
============================================================================
$ cvs diff -u -r2.63.2.3 -r2.63.2.4 system.h
--- rpm/system.h 10 Jun 2007 17:12:24 -0000 2.63.2.3
+++ rpm/system.h 12 Jul 2007 10:54:53 -0000 2.63.2.4
@@ -319,6 +319,9 @@
#define is_selinux_enabled() (-1)
#define rpm_execcon(_v, _fn, _av, _envp) (0)
+
+#define matchpathcon_init(_fn) (-1)
+#define matchpathcon(_fn, _fmode, _s) (-1)
#endif
#if defined(WITH_SELINUX) && defined(__LCLINT__)
@@ .
Received on Thu Jul 12 12:54:54 2007